| ▲ | gooosle 5 days ago | |||||||
What safeguards? Obfuscating your IDs by... replacing them with one-to-one mapped other IDs? | ||||||||
| ▲ | mdaniel 4 days ago | parent [-] | |||||||
I believe one can readily agree that https://example.com/profiles/gooosle and https://example.com/profiles/mdaniel are not sequential and thus not subject to enumeration in any reasonable way. A concrete example of defense against this is: please link to the HN username of an account which has never posted The other very common pattern is https://example.com/profiles/852c1a9a-29ae-4638-9d82-50e0d40... or its b36 encoding which are shitty for reading over the phone but otherwise definitely safe from enumeration | ||||||||
| ||||||||